zeek/testing/btest/Traces at cbd84dbe523c00411dbbd04eb4cb15e6bb275cc6 - Mirror/zeek

Gorka Olalde Mendia ec8c5f6c07 Add tests for ERSPAN Type I patch Co-authored-by: Markel Elorza Alvarez <melorzaalvarez@gmail.com> Co-authored-by: Ivan Arrizabalaga Cupido <ivanarrcup@gmail.com>	2021-03-17 14:41:29 +01:00
..
chksums	Add an option to ignore packets sourced from particular subnets.	2020-10-22 13:23:10 -04:00
dce-rpc	Convert pcapng test suite files to pcap format	2019-11-08 13:08:06 -08:00
dhcp	GH-999: Stop formatting DHCP Client ID Hardware Type 0 as MAC	2020-06-08 11:43:07 -07:00
dnp3	Change snaplens of a few more tests.	2017-02-03 14:10:11 -08:00
dns	Support for additional DNS RR Type: LOC[29], SSHFP[44], NSEC3PARAM[51], custom BIND9 signaling[65534]	2020-11-11 13:35:51 -07:00
dnssec	Merge branch 'fatemabw/bro' of https://github.com/fatemabw/bro into dev/2.7	2018-09-21 16:40:41 -05:00
ftp	Fixing FTP cwd getting overlue long.	2016-05-29 08:52:47 -07:00
http	Initial implementation of Lower-Level analyzers	2020-09-23 11:13:25 -07:00
icmp	GH-1321: Prevent compounding of `connection_status_update` event timers	2020-12-08 11:20:02 -08:00
ipv4	A set of tests exercising IP defragmentation and TCP reassembly.	2015-07-03 08:40:22 -07:00
krb	Fix potential memory leak in Kerberos scripts	2018-09-10 18:06:07 -05:00
mobile-ipv6	Add support for mobile IPv6 Mobility Header (RFC 6275).	2012-04-09 14:39:00 -05:00
modbus	BIT-1829: add unit test for modbus parser issue	2018-05-18 09:24:06 -05:00
mount	Add unit tests for new MOUNT events -- mount_proc_mnt, mount_proc_umnt,	2018-01-11 17:00:15 -05:00
mysql	Add btest for GH-1084	2020-07-24 09:28:11 -05:00
nfs	Format print nfs units tests to improve output readability. Add unit	2018-01-11 17:02:47 -05:00
ntp	update tests and add a new one for key_id and mac	2019-06-06 16:45:09 +02:00
pe	Add a PE memleak test, and fix a memleak.	2015-04-19 20:22:42 -04:00
radius	Convert pcapng test suite files to pcap format	2019-11-08 13:08:06 -08:00
rdp	add: test trace for when RDPEUDP negotiates RDPEUDP2	2020-04-03 09:59:39 -06:00
rfb	Convert pcapng test suite files to pcap format	2019-11-08 13:08:06 -08:00
sip	Add SIP btests.	2015-04-19 22:25:37 -04:00
smb	Add tests for new SMB3 multichannel support	2020-12-07 15:35:04 -06:00
snmp	Test changes caused by minor order-of-operation changes related to the new loop architecture	2020-01-31 10:13:09 -07:00
ssh	Merge remote-tracking branch 'origin/topic/jsiwek/gh-1264-ssh-host-key-fingerprints' into master	2020-11-16 11:22:37 -08:00
tcp	GH-1164: Fix incorrect RSTOS0 conn_state determinations	2020-09-11 16:14:41 -07:00
tls	Add one more TLS 1.3 testcase and update NEWS	2020-12-15 16:57:26 +00:00
trunc	GH-977: Improve pcap error handling	2020-06-08 18:11:58 -07:00
tunnels	GH-887: improve GRE/ERSPAN parsing of non-IPv4/IPv6 inner payload	2020-03-27 15:22:00 -07:00
arp-leak.pcap	Add bad ARP tests	2018-05-18 17:39:53 +02:00
arp-who-has-radiotap.pcap	Tests/ARP: fix capture files.	2018-05-18 17:25:55 +02:00
arp-who-has-wlanmon.pcap	Tests/ARP: fix capture files.	2018-05-18 17:25:55 +02:00
arp-who-has.pcap	ARP: remove unnecessary variables and add testcase	2016-04-27 06:51:04 -07:00
auth_change_session_keys.pcap	Fix invalid memory free when using Log::default_field_name_map	2018-09-10 19:06:35 -05:00
cisco-fabric-path.pcap	Add Cisco FabricPath support	2018-07-27 16:00:54 -05:00
conn-size.trace	Merge of Gregor's conn-size branch.	2011-05-09 17:14:31 -07:00
contentline-irc-5k-line.pcap	add a max_line_length flag to ContentLine_Analyzer	2017-11-03 16:25:26 -04:00
dns-caa.pcap	Add DNS tests for huge TLL and CAA	2016-04-25 15:43:20 -07:00
dns-edns-cookie.pcap	add edns-cookie testcase	2020-08-20 09:04:56 -04:00
dns-edns-ecs-bad.pcap	Add test case to cover weird EDNS ECS parsing situations	2020-12-08 13:14:20 -08:00
dns-edns-ecs-weirds.pcap	Add test case to cover weird EDNS ECS parsing situations	2020-12-08 13:14:20 -08:00
dns-edns-ecs.pcap	Implement EDNS Client Subnet Option	2020-07-06 15:09:03 -04:00
dns-edns-tcp-keepalive.pcap	add testcases	2020-08-20 09:04:56 -04:00
dns-huge-ttl.pcap	Change snaplens of a few more tests.	2017-02-03 14:10:11 -08:00
dns-inverse-query.trace	Change dns.log to include only standard DNS queries.	2014-01-28 13:56:22 -06:00
dns-spf.pcap	DNS: Add support for SPF response records	2019-06-14 10:18:37 -05:00
dns-tsig.trace	Fix possible buffer over-read in DNS TSIG parsing	2014-09-02 14:22:26 -05:00
dns-two-responses.trace	Fixing a dns reporter message in master.	2013-07-18 09:24:22 -04:00
dns-txt-multiple.trace	Merge remote-tracking branch 'origin/topic/jsiwek/bit-1156'	2014-04-24 16:36:47 -07:00
dns-zero-RRs.trace	Fix for DNS log problem when a DNS response is seen with 0 RRs.	2012-10-05 13:48:49 -04:00
dns53.pcap	BIT-788: use DNS QR field to better identify flow direction.	2015-03-19 11:53:40 -05:00
dns_original_case.pcap	Modified the DNS protocol analyzer to add a new parameter to the dns_request event which includes the DNS query in its original case. Added a policy script that will add the original_case to the dns.log file as well. Created new btests to test both.	2020-06-17 10:13:04 -05:00
empty.trace	Porting the istate tests to btest.	2011-03-29 21:46:06 -07:00
erspan.trace	Implement ERSPAN support.	2017-02-03 12:29:22 -08:00
erspanI.pcap	Add tests for ERSPAN Type I patch	2021-03-17 14:41:29 +01:00
erspanII.pcap	Convert pcapng test suite files to pcap format	2019-11-08 13:08:06 -08:00
erspanIII.pcap	Added ERSPAN III testing	2019-01-24 14:05:13 +00:00
globus-url-copy-bad-encoding.trace	Handle invalid Base64 encodings in FTP ADAT analyzer	2020-01-15 12:44:10 -08:00
globus-url-copy.trace	Add an example of a GridFTP data channel detection script.	2012-10-01 12:32:24 -05:00
icmp_dot1q.trace	Refactor to make bro use a common Packet object.	2015-05-29 10:37:39 -04:00
icmp_nd_dnssl.trace	Change ICMP ND length to a uint16	2020-10-15 16:56:05 -05:00
ip6_esp.trace	Fix ipv6_ext_headers event and add routing0_data_to_addrs BIF.	2012-03-14 10:31:08 -05:00
ipv6-fragmented-dns.trace	Add unit test for IPv6 fragment reassembly.	2012-03-12 15:26:51 -05:00
ipv6-hbh-routing0.trace	Improve handling of IPv6 routing type 0 extension headers.	2012-03-27 16:05:45 -05:00
ipv6-http-atomic-frag.trace	Fix handling of IPv6 atomic fragments.	2012-04-04 15:27:43 -05:00
ipv6_zero_len_ah.trace	Fix construction of ip6_ah (Authentication Header) record values.	2012-09-18 16:52:12 -05:00
irc-353.pcap	Fix IRC names command parsing	2018-09-12 19:47:57 -05:00
irc-basic.trace	Merge branch 'master' of https://github.com/marktayl/bro	2016-02-08 13:02:09 -08:00
irc-dcc-send.trace	Add IRC unit tests.	2011-07-20 14:49:20 -05:00
irc-whitespace.trace	Merge branch 'master' of https://github.com/marktayl/bro	2016-02-12 18:55:25 -08:00
linuxsll-arp.pcap	Initial implementation of Lower-Level analyzers	2020-09-23 11:13:25 -07:00
llc.pcap	Merge branch 'topic/jgras/mac-logging' of https://github.com/J-Gras/bro	2016-06-06 17:59:34 -07:00
lldp.pcap	Move UnknownProtocol options to init-bare.zeek	2020-11-11 12:58:38 -08:00
mixed-vlan-mpls.trace	Support for (mixed) MPLS and VLAN traffic, and a new default BPF	2011-04-29 09:10:43 -07:00
mmsX.pcap	Add test case for binpac flowbuffer frame length parsing bug	2020-03-19 22:09:23 -07:00
mpls-in-vlan.trace	Support for MPLS over VLAN.	2014-02-14 12:07:24 -08:00
mqtt.pcap	MQTT Analyzer heavily updated and ported from the analyzer originally by Supriya Kumar	2019-07-29 13:45:10 -04:00
ncp.pcap	Migrate NCP analyzer to use latest analyzer API	2018-05-22 16:27:07 -05:00
negative-time.pcap	Ignoring packets with negative timestamps.	2016-05-23 13:22:22 -07:00
nflog-http.pcap	Merge branch 'master' of https://github.com/rdenniston/zeek	2019-03-19 19:19:02 -07:00
nmap-vsn.trace	Added a document for the SumStats framework.	2013-11-06 13:52:29 -05:00
ntp.pcap	Fix a couple of problems with signature matching.	2016-10-19 14:23:43 -07:00
port4242.trace	Checkpointing the dynamic plugin code.	2013-11-26 14:04:29 -08:00
pppoe-over-qinq.pcap	BIT-1950: support PPPoE over QinQ	2018-07-06 08:04:02 -05:00
pppoe.trace	Adding a test for PPPoE support.	2012-10-24 01:05:01 -04:00
q-in-q.trace	Add support for 802.1ah (Q-in-Q).	2013-03-22 12:38:43 -04:00
radiotap.pcap	Improved Radiotap support and a test.	2016-01-19 04:10:44 -05:00
raw_layer.pcap	Extend packet analysis test.	2020-09-23 11:13:29 -07:00
raw_packets.trace	Refactor to make bro use a common Packet object.	2015-05-29 10:37:39 -04:00
rotation.trace	Moving trace for rotation test into traces directory.	2012-05-16 18:28:51 -07:00
rpc-portmap-sadmind.pcap	GH-684: Fix parsing of RPC calls with non-AUTH_UNIX flavors	2019-11-13 13:14:14 -08:00
smtp-attachment-msg.pcap	GH-1352: Added flag to stop processing SMTP headers in attached	2021-01-21 14:55:10 -05:00
smtp-multi-addr.pcap	Convert pcapng test suite files to pcap format	2019-11-08 13:08:06 -08:00
smtp-one-side-only.trace	Fixing SMTP state tracking.	2014-06-10 18:01:38 -07:00
smtp.trace	Convert pcapng test suite files to pcap format	2019-11-08 13:08:06 -08:00
socks-auth.pcap	Update the SOCKS analyzer to support user/pass login.	2015-02-05 12:44:10 -05:00
socks-with-ssl.trace	Updates for the SOCKS analyzer.	2012-06-20 13:58:25 -04:00
socks.trace	Updates for the SOCKS analyzer.	2012-06-20 13:58:25 -04:00
ssl-and-ssh-using-sslh.trace	Merge branch 'known_services_multiprotocols' of https://github.com/mauropalumbo75/zeek	2019-08-09 10:47:34 -07:00
syslog-missing-pri.trace	Make Syslog analyzer accept messages that omit Priority	2019-03-14 18:47:32 -07:00
syslog-single-udp.trace	Porting syslog analyzer as another example.	2013-04-05 13:13:30 -07:00
udp-multiple-source-ports.pcap	GH-173: Support ranges of values for value_list elements in the signature parser	2019-05-23 10:58:04 -07:00
udp-signature-test.pcap	BIT-844: fix UDP payload signatures to match packet-wise	2015-04-06 15:22:26 -05:00
var-services-std-ports.trace	Update/improve known-services test.	2011-06-24 11:18:25 -05:00
vntag.pcap	GH-1389: Skip VN-Tag headers	2021-02-01 14:34:56 -07:00
web.trace	Porting the istate tests to btest.	2011-03-29 21:46:06 -07:00
wikipedia-filtered-plus-udp.trace	Tweak find-filtered-trace to not flag traces if they have non-TCP	2020-09-25 11:29:44 +00:00
wikipedia.trace	Fixing checksums in test trace because Bro now reports them. :-)	2012-12-14 14:48:16 -08:00
wlanmon.pcap	Add a test for 802.11 monitor mode	2018-05-15 17:59:26 +02:00
workshop_2011_browse.trace	Basic cross-referencing UIDs between files, btests, and baselines.	2013-05-07 13:33:38 -04:00
www-odd-url.trace	Bugfix for log writer.	2011-09-11 21:33:09 -07:00

chksums

Add an option to ignore packets sourced from particular subnets.

2020-10-22 13:23:10 -04:00

dce-rpc

Convert pcapng test suite files to pcap format

2019-11-08 13:08:06 -08:00

dhcp

GH-999: Stop formatting DHCP Client ID Hardware Type 0 as MAC

2020-06-08 11:43:07 -07:00

dnp3

Change snaplens of a few more tests.

2017-02-03 14:10:11 -08:00

dns

Support for additional DNS RR Type: LOC[29], SSHFP[44], NSEC3PARAM[51], custom BIND9 signaling[65534]

2020-11-11 13:35:51 -07:00

dnssec

Merge branch 'fatemabw/bro' of https://github.com/fatemabw/bro into dev/2.7

2018-09-21 16:40:41 -05:00

ftp

Fixing FTP cwd getting overlue long.

2016-05-29 08:52:47 -07:00

http

Initial implementation of Lower-Level analyzers

2020-09-23 11:13:25 -07:00

icmp

GH-1321: Prevent compounding of connection_status_update event timers

2020-12-08 11:20:02 -08:00

ipv4

A set of tests exercising IP defragmentation and TCP reassembly.

2015-07-03 08:40:22 -07:00

krb

Fix potential memory leak in Kerberos scripts

2018-09-10 18:06:07 -05:00

mobile-ipv6

Add support for mobile IPv6 Mobility Header (RFC 6275).

2012-04-09 14:39:00 -05:00

modbus

BIT-1829: add unit test for modbus parser issue

2018-05-18 09:24:06 -05:00

mount

Add unit tests for new MOUNT events -- mount_proc_mnt, mount_proc_umnt,

2018-01-11 17:00:15 -05:00

mysql

Add btest for GH-1084

2020-07-24 09:28:11 -05:00

nfs

Format print nfs units tests to improve output readability. Add unit

2018-01-11 17:02:47 -05:00

ntp

update tests and add a new one for key_id and mac

2019-06-06 16:45:09 +02:00

pe

Add a PE memleak test, and fix a memleak.

2015-04-19 20:22:42 -04:00

radius

Convert pcapng test suite files to pcap format

2019-11-08 13:08:06 -08:00

rdp

add: test trace for when RDPEUDP negotiates RDPEUDP2

2020-04-03 09:59:39 -06:00

rfb

Convert pcapng test suite files to pcap format

2019-11-08 13:08:06 -08:00

sip

Add SIP btests.

2015-04-19 22:25:37 -04:00

smb

Add tests for new SMB3 multichannel support

2020-12-07 15:35:04 -06:00

snmp

Test changes caused by minor order-of-operation changes related to the new loop architecture

2020-01-31 10:13:09 -07:00

ssh

Merge remote-tracking branch 'origin/topic/jsiwek/gh-1264-ssh-host-key-fingerprints' into master

2020-11-16 11:22:37 -08:00

tcp

GH-1164: Fix incorrect RSTOS0 conn_state determinations

2020-09-11 16:14:41 -07:00

tls

Add one more TLS 1.3 testcase and update NEWS

2020-12-15 16:57:26 +00:00

trunc

GH-977: Improve pcap error handling

2020-06-08 18:11:58 -07:00

tunnels

GH-887: improve GRE/ERSPAN parsing of non-IPv4/IPv6 inner payload

2020-03-27 15:22:00 -07:00

arp-leak.pcap

Add bad ARP tests

2018-05-18 17:39:53 +02:00

arp-who-has-radiotap.pcap

Tests/ARP: fix capture files.

2018-05-18 17:25:55 +02:00

arp-who-has-wlanmon.pcap

Tests/ARP: fix capture files.

2018-05-18 17:25:55 +02:00

arp-who-has.pcap

ARP: remove unnecessary variables and add testcase

2016-04-27 06:51:04 -07:00

auth_change_session_keys.pcap

Fix invalid memory free when using Log::default_field_name_map

2018-09-10 19:06:35 -05:00

cisco-fabric-path.pcap

Add Cisco FabricPath support

2018-07-27 16:00:54 -05:00

conn-size.trace

Merge of Gregor's conn-size branch.

2011-05-09 17:14:31 -07:00

contentline-irc-5k-line.pcap

add a max_line_length flag to ContentLine_Analyzer

2017-11-03 16:25:26 -04:00

dns-caa.pcap

Add DNS tests for huge TLL and CAA

2016-04-25 15:43:20 -07:00

dns-edns-cookie.pcap

add edns-cookie testcase

2020-08-20 09:04:56 -04:00

dns-edns-ecs-bad.pcap

Add test case to cover weird EDNS ECS parsing situations

2020-12-08 13:14:20 -08:00

dns-edns-ecs-weirds.pcap

Add test case to cover weird EDNS ECS parsing situations

2020-12-08 13:14:20 -08:00

dns-edns-ecs.pcap

Implement EDNS Client Subnet Option

2020-07-06 15:09:03 -04:00

dns-edns-tcp-keepalive.pcap

add testcases

2020-08-20 09:04:56 -04:00

dns-huge-ttl.pcap

Change snaplens of a few more tests.

2017-02-03 14:10:11 -08:00

dns-inverse-query.trace

Change dns.log to include only standard DNS queries.

2014-01-28 13:56:22 -06:00

dns-spf.pcap

DNS: Add support for SPF response records

2019-06-14 10:18:37 -05:00

dns-tsig.trace

Fix possible buffer over-read in DNS TSIG parsing

2014-09-02 14:22:26 -05:00

dns-two-responses.trace

Fixing a dns reporter message in master.

2013-07-18 09:24:22 -04:00

dns-txt-multiple.trace

Merge remote-tracking branch 'origin/topic/jsiwek/bit-1156'

2014-04-24 16:36:47 -07:00

dns-zero-RRs.trace

Fix for DNS log problem when a DNS response is seen with 0 RRs.

2012-10-05 13:48:49 -04:00

dns53.pcap

BIT-788: use DNS QR field to better identify flow direction.

2015-03-19 11:53:40 -05:00

dns_original_case.pcap

Modified the DNS protocol analyzer to add a new parameter to the dns_request event which includes the DNS query in its original case. Added a policy script that will add the original_case to the dns.log file as well. Created new btests to test both.

2020-06-17 10:13:04 -05:00

empty.trace

Porting the istate tests to btest.

2011-03-29 21:46:06 -07:00

erspan.trace

Implement ERSPAN support.

2017-02-03 12:29:22 -08:00

erspanI.pcap

Add tests for ERSPAN Type I patch

2021-03-17 14:41:29 +01:00

erspanII.pcap

Convert pcapng test suite files to pcap format

2019-11-08 13:08:06 -08:00

erspanIII.pcap

Added ERSPAN III testing

2019-01-24 14:05:13 +00:00

globus-url-copy-bad-encoding.trace

Handle invalid Base64 encodings in FTP ADAT analyzer

2020-01-15 12:44:10 -08:00

globus-url-copy.trace

Add an example of a GridFTP data channel detection script.

2012-10-01 12:32:24 -05:00

icmp_dot1q.trace

Refactor to make bro use a common Packet object.

2015-05-29 10:37:39 -04:00

icmp_nd_dnssl.trace

Change ICMP ND length to a uint16

2020-10-15 16:56:05 -05:00

ip6_esp.trace

Fix ipv6_ext_headers event and add routing0_data_to_addrs BIF.

2012-03-14 10:31:08 -05:00

ipv6-fragmented-dns.trace

Add unit test for IPv6 fragment reassembly.

2012-03-12 15:26:51 -05:00

ipv6-hbh-routing0.trace

Improve handling of IPv6 routing type 0 extension headers.

2012-03-27 16:05:45 -05:00

ipv6-http-atomic-frag.trace

Fix handling of IPv6 atomic fragments.

2012-04-04 15:27:43 -05:00

ipv6_zero_len_ah.trace

Fix construction of ip6_ah (Authentication Header) record values.

2012-09-18 16:52:12 -05:00

irc-353.pcap

Fix IRC names command parsing

2018-09-12 19:47:57 -05:00

irc-basic.trace

Merge branch 'master' of https://github.com/marktayl/bro

2016-02-08 13:02:09 -08:00

irc-dcc-send.trace

Add IRC unit tests.

2011-07-20 14:49:20 -05:00

irc-whitespace.trace

Merge branch 'master' of https://github.com/marktayl/bro

2016-02-12 18:55:25 -08:00

linuxsll-arp.pcap

Initial implementation of Lower-Level analyzers

2020-09-23 11:13:25 -07:00

llc.pcap

Merge branch 'topic/jgras/mac-logging' of https://github.com/J-Gras/bro

2016-06-06 17:59:34 -07:00

lldp.pcap

Move UnknownProtocol options to init-bare.zeek

2020-11-11 12:58:38 -08:00

mixed-vlan-mpls.trace

Support for (mixed) MPLS and VLAN traffic, and a new default BPF

2011-04-29 09:10:43 -07:00

mmsX.pcap

Add test case for binpac flowbuffer frame length parsing bug

2020-03-19 22:09:23 -07:00

mpls-in-vlan.trace

Support for MPLS over VLAN.

2014-02-14 12:07:24 -08:00

mqtt.pcap

MQTT Analyzer heavily updated and ported from the analyzer originally by Supriya Kumar

2019-07-29 13:45:10 -04:00

ncp.pcap

Migrate NCP analyzer to use latest analyzer API

2018-05-22 16:27:07 -05:00

negative-time.pcap

Ignoring packets with negative timestamps.

2016-05-23 13:22:22 -07:00

nflog-http.pcap

Merge branch 'master' of https://github.com/rdenniston/zeek

2019-03-19 19:19:02 -07:00

nmap-vsn.trace

Added a document for the SumStats framework.

2013-11-06 13:52:29 -05:00

ntp.pcap

Fix a couple of problems with signature matching.

2016-10-19 14:23:43 -07:00

port4242.trace

Checkpointing the dynamic plugin code.

2013-11-26 14:04:29 -08:00

pppoe-over-qinq.pcap

BIT-1950: support PPPoE over QinQ

2018-07-06 08:04:02 -05:00

pppoe.trace

Adding a test for PPPoE support.

2012-10-24 01:05:01 -04:00

q-in-q.trace

Add support for 802.1ah (Q-in-Q).

2013-03-22 12:38:43 -04:00

radiotap.pcap

Improved Radiotap support and a test.

2016-01-19 04:10:44 -05:00

raw_layer.pcap

Extend packet analysis test.

2020-09-23 11:13:29 -07:00

raw_packets.trace

Refactor to make bro use a common Packet object.

2015-05-29 10:37:39 -04:00

rotation.trace

Moving trace for rotation test into traces directory.

2012-05-16 18:28:51 -07:00

rpc-portmap-sadmind.pcap

GH-684: Fix parsing of RPC calls with non-AUTH_UNIX flavors

2019-11-13 13:14:14 -08:00

smtp-attachment-msg.pcap

GH-1352: Added flag to stop processing SMTP headers in attached

2021-01-21 14:55:10 -05:00

smtp-multi-addr.pcap

Convert pcapng test suite files to pcap format

2019-11-08 13:08:06 -08:00

smtp-one-side-only.trace

Fixing SMTP state tracking.

2014-06-10 18:01:38 -07:00

smtp.trace

Convert pcapng test suite files to pcap format

2019-11-08 13:08:06 -08:00

socks-auth.pcap

Update the SOCKS analyzer to support user/pass login.

2015-02-05 12:44:10 -05:00

socks-with-ssl.trace

Updates for the SOCKS analyzer.

2012-06-20 13:58:25 -04:00

socks.trace

Updates for the SOCKS analyzer.

2012-06-20 13:58:25 -04:00

ssl-and-ssh-using-sslh.trace

Merge branch 'known_services_multiprotocols' of https://github.com/mauropalumbo75/zeek

2019-08-09 10:47:34 -07:00

syslog-missing-pri.trace

Make Syslog analyzer accept messages that omit Priority

2019-03-14 18:47:32 -07:00

syslog-single-udp.trace

Porting syslog analyzer as another example.

2013-04-05 13:13:30 -07:00

udp-multiple-source-ports.pcap

GH-173: Support ranges of values for value_list elements in the signature parser

2019-05-23 10:58:04 -07:00

udp-signature-test.pcap

BIT-844: fix UDP payload signatures to match packet-wise

2015-04-06 15:22:26 -05:00

var-services-std-ports.trace

Update/improve known-services test.

2011-06-24 11:18:25 -05:00

vntag.pcap

GH-1389: Skip VN-Tag headers

2021-02-01 14:34:56 -07:00

web.trace

Porting the istate tests to btest.

2011-03-29 21:46:06 -07:00

wikipedia-filtered-plus-udp.trace

Tweak find-filtered-trace to not flag traces if they have non-TCP

2020-09-25 11:29:44 +00:00

wikipedia.trace

Fixing checksums in test trace because Bro now reports them. :-)

2012-12-14 14:48:16 -08:00

wlanmon.pcap

Add a test for 802.11 monitor mode

2018-05-15 17:59:26 +02:00

workshop_2011_browse.trace

Basic cross-referencing UIDs between files, btests, and baselines.

2013-05-07 13:33:38 -04:00

www-odd-url.trace

Bugfix for log writer.

2011-09-11 21:33:09 -07:00